https://github.com/Snape3058 created
https://github.com/llvm/llvm-project/pull/70792
When ctor is not declared in the base class, initializing the base class with
the initializer list will not trigger a proper assignment of the base region,
as a CXXConstructExpr doing that is not available in the AST.
This patch checks whether the init expr is an InitListExpr under a base
initializer, and adds a binding if so.
>From 86002768f8926a65802ca5c6766e1da56179d0fd Mon Sep 17 00:00:00 2001
From: Ella Ma <alansnape3...@gmail.com>
Date: Tue, 31 Oct 2023 18:41:14 +0800
Subject: [PATCH] [analyzer] Fix uninitialized base class with initializer list
when ctor is not declared in the base class (#70464)
When ctor is not declared in the base class, initializing the base class
with initializer list will not trigger a proper assignment of the base
region, as a CXXConstructExpr doing that is not available in the AST.
This patch checks whether the init expr is a InitListExpr under a base
initializer, and add a binding if so.
---
clang/lib/StaticAnalyzer/Core/ExprEngine.cpp | 9 +++
clang/test/Analysis/issue-70464.cpp | 69 ++++++++++++++++++++
2 files changed, 78 insertions(+)
create mode 100644 clang/test/Analysis/issue-70464.cpp
diff --git a/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp
b/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp
index 2e67fb953e45611..78dd1147ce1aa7c 100644
--- a/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp
+++ b/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp
@@ -1222,6 +1222,15 @@ void ExprEngine::ProcessInitializer(const CFGInitializer
CFGInit,
PostInitializer PP(BMI, FieldLoc.getAsRegion(), stackFrame);
evalBind(Tmp, Init, Pred, FieldLoc, InitVal, /*isInit=*/true, &PP);
}
+ } else if (BMI->isBaseInitializer() && isa<InitListExpr>(Init)) {
+ // When the base class is initialized with an initialization list, there
+ // will not be a CXXConstructExpr to initialize the base region. Hence, we
+ // need to make the bind for it.
+ StoreManager &StoreMgr = State->getStateManager().getStoreManager();
+ SVal BaseLoc = StoreMgr.evalDerivedToBase(
+ thisVal, QualType(BMI->getBaseClass(), 0), BMI->isBaseVirtual());
+ SVal InitVal = State->getSVal(Init, stackFrame);
+ evalBind(Tmp, Init, Pred, BaseLoc, InitVal, true);
} else {
assert(BMI->isBaseInitializer() || BMI->isDelegatingInitializer());
Tmp.insert(Pred);
diff --git a/clang/test/Analysis/issue-70464.cpp
b/clang/test/Analysis/issue-70464.cpp
new file mode 100644
index 000000000000000..0acced7ae102cac
--- /dev/null
+++ b/clang/test/Analysis/issue-70464.cpp
@@ -0,0 +1,69 @@
+// Refer issue 70464 for more details.
+//
+// When the base class does not have a declared constructor, the base
+// initializer in the constructor of the derived class should use the given
+// initializer list to finish the initialization of the base class.
+//
+// Also testing base constructor and delegate constructor to make sure this
+// change will not break these two cases when a CXXConstructExpr is available.
+
+// RUN: %clang_analyze_cc1 %s -verify
-analyzer-checker=core,debug.ExprInspection
+
+void clang_analyzer_dump(int);
+
+namespace init_list {
+
+struct foo {
+ int foox;
+};
+
+class bar : public foo {
+public:
+ bar() : foo{42} {
+ // The dereference to this->foox below should be initialized properly.
+ clang_analyzer_dump(this->foox); // expected-warning{{42 S32b}}
+ }
+};
+
+void entry() { bar test; }
+
+} // namespace init_list
+
+namespace base_ctor_call {
+
+void clang_analyzer_dump(int);
+
+struct foo {
+ int foox;
+ foo(int x) : foox(x) {}
+};
+
+class bar : public foo {
+public:
+ bar() : foo{42} {
+ clang_analyzer_dump(this->foox); // expected-warning{{42 S32b}}
+ }
+};
+
+void entry() { bar test; }
+
+} // namespace base_ctor_call
+
+namespace delegate_ctor_call {
+
+void clang_analyzer_dump(int);
+
+struct foo {
+ int foox;
+};
+
+struct bar : foo {
+ bar(int parx) { this->foox = parx; }
+ bar() : bar{42} {
+ clang_analyzer_dump(this->foox); // expected-warning{{42 S32b}}
+ }
+};
+
+void entry() { bar test; }
+
+} // namespace delegate_ctor_call
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
